Privacy Policy

Trejer (“Trejer”, “we”, “us”, or “our”) is an employee-benefits platform headquartered in the Arab Republic of Egypt. We act as the data controller for personal data processed through our products.

For any privacy question, request, or complaint, contact us at [email protected].

This policy applies to personal data we process through:

• The Trejer marketing website (trejer.com).
• The Trejer mobile application for employees (iOS and Android).
• The Trejer employer / administrator web dashboard.
• The Trejer partner (merchant) portal.

We collect only what we need to deliver the service. Categories include:

Identity & contact data. Your name, work email, phone number, and the employer that has enrolled you in Trejer. Where required to verify eligibility, we may also collect a national identifier.

Location data. Approximate location while you are using the mobile app, used to surface nearby partner offers. Location is collected only when the app is in use and only if you grant the relevant permission. You can revoke this permission at any time in your device settings.

Transaction & redemption history. Records of offers you have viewed, saved, or redeemed, including the partner, date, and the value of the discount obtained.

Device & technical data. IP address, device model, operating-system version, app version, language, time-zone, and crash diagnostics.

Website analytics & cookies. See Section 12.

We do not knowingly collect special-category personal data (such as data revealing health, religious belief, or political opinion).

We process your personal data on the following legal bases under Article 2 of Egyptian Law No. 151 of 2020 (the Personal Data Protection Law, or “PDPL”):

• Performance of a contract — to create and operate your account, deliver perks, and process redemptions.
• Consent — for location-based features, marketing communications, and optional analytics. You can withdraw consent at any time without affecting prior processing.
• Legitimate interest — to keep the service secure, prevent fraud, debug issues, and improve product quality, balanced against your rights.
• Legal obligation — to comply with applicable Egyptian laws and lawful orders.

We share personal data only as described below.

With your employer. Your employer can see aggregate, de-identified engagement statistics (such as total redemptions across the workforce). Your employer does not receive your individual redemption history.

With partner merchants. When you redeem an offer, we share only the minimum needed to honor it — typically a one-time redemption token and the offer identifier. We do not pass your contact details to partners unless you explicitly choose to.

With service providers. Hosting, analytics, crash reporting, email delivery, and customer-support tools that process data under our instructions and written confidentiality terms.

For legal reasons. Where required by applicable law, court order, or to protect our rights, users, or the public.

We do not sell personal data.

Some of our service providers operate outside Egypt. When personal data is transferred across borders, we rely on the safeguards permitted by Article 14 of the PDPL, including transfers to countries that provide an adequate level of protection or under written contractual terms that require equivalent safeguards. You may request a copy of the relevant safeguards by emailing [email protected].

We retain personal data only as long as needed for the purposes set out in this policy:

• Account & profile data — for as long as your account is active, then deleted or anonymized within 12 months of account closure unless we are legally required to keep it longer.
• Redemption history — up to 24 months after the redemption, for support and dispute resolution.
• Crash and diagnostic logs — up to 90 days.
• Records we must retain to comply with tax, accounting, or other legal obligations — for the period required by applicable Egyptian law.

Under the PDPL, you have the right to:

• Know what personal data we hold about you and access it.
• Rectify inaccurate or incomplete data.
• Request erasure of your data where the law permits.
• Withdraw consent at any time where processing is based on consent.
• Object to, or restrict, certain processing.
• Receive your data in a portable, machine-readable format.

To exercise any of these rights, email [email protected]. We respond within the timelines required by the PDPL and may need to verify your identity before fulfilling a request.

Trejer is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

We use industry-standard administrative, technical, and physical safeguards to protect personal data, including encryption in transit (TLS) and at rest, role-based access controls, audit logging, and least-privilege provisioning. No system is perfectly secure; if we become aware of a personal-data breach that is likely to result in harm, we will notify affected users and the competent authority as required by the PDPL.

The Trejer mobile app may request the following device permissions:

• Location (approximate, while in use) — to surface nearby partner offers. Optional; you can use the app without granting it.
• Notifications — to alert you about new offers, redemption confirmations, and important account messages. Optional.
• Network & device identifiers — to operate the app, monitor stability, and prevent abuse.

The data categories disclosed on the Apple App Store Privacy Nutrition Label and the Google Play Data Safety form mirror the disclosures in this policy. We do not use your data for third-party advertising and we do not share it with data brokers.

Our website uses a small number of cookies and similar technologies:

• Strictly necessary — required for the site to function (e.g. session, security).
• Analytics — aggregate, anonymized usage data to help us improve the site.

You can block or delete cookies at any time through your browser settings. Blocking strictly necessary cookies may affect site functionality.

We may update this policy from time to time. The “Last updated” date at the top of the page reflects the latest revision. For material changes we will give reasonable notice through the app or by email before they take effect.

Questions, requests, or complaints? Email us at [email protected]. You also have the right to lodge a complaint with the Egyptian Personal Data Protection Center once it is operational.

This policy is governed by the laws of the Arab Republic of Egypt. Any dispute arising from it is subject to the exclusive jurisdiction of the competent courts of Cairo, Egypt.